what would be the best approach in limiting users bandwidth on the LAN side. for now i have inbound traffic (internet->LAN) controlled by throttling. and my outbound traffic (LAN->Internet) is controlled by bandwidth pools.

is there any "improvement" or "degradation" on the user experience if I control/limit inbound traffic (Internet->LAN) for the users in the bandwidth pools? since the bandwidth pool uses traffic shaping that smoothens the traffic flow instead of dropping excess packets. attached are some screen shots

NEtwork topology ISP 1 QoS settings ISP 2 QoS settings

Since we have 2 ISPs configured with uplink balancing, I have to configure similar throttling rules on both our ISP interfaces on the UTM.

DL throttling on ISP 1 interface

DL Throttling on ISP 2 Interface

And now, I tried to replicate bandwidth limiting function to our internal LAN users through the "bandwidth pool" tab. while doing this, I turned off all bandwidth limiting rules on the "download throttling" tab to make sure that it is the "bandwidth pool" tab that's doing the limiting. and I've only just made a single rule on the LAN interface of the UTM.

so far, the download speed limit was working through the "bandwidth pool" rule i've set. screenshot attached below.

to wrap it all up, what would be the best approach if your going to limit download speed on your internal users. is it through the "bandwidth pool" tab that uses traffic shaping? or through the "download throttling" tab that is similar to policing which drops excess packets?

any inputs are very much welcome. i know my post is quite confusing but i just want to know which way would give our users a better experience in terms of web page loading and response while implementing download limits on their speed.

I would be interested in how you determined the items you listed at the top that you know. I believe that the same mechanism is used - the excess packets are dropped.

The advantage of a Bandwidth pool on the External interface as opposed to a Download Throttling rule on the Internal interface is that you can guarantee bandwidth to some traffic without limiting other traffic when it's not necessary to throttle it.

There are instances where even a Download Throttling rule on the External interface won't guarantee remaining bandwidth because the pipe is filled even though "extra" packets are dropped.

"The advantage of a Bandwidth pool on the External interface as opposed to a Download Throttling rule on the Internal interface is that you can guarantee bandwidth to some traffic without limiting other traffic when it's not necessary to throttle it.

There are instances where even a Download Throttling rule on the External interface won't guarantee remaining bandwidth because the pipe is filled even though "extra" packets are dropped."

By these statement I believe you are suggesting that the main difference between the two is that Bandwidth Pool have the "guaranteed" speed function and you can also cap it to a certain speed. while Throttling simply caps it without providing the "guaranteed" function.? did I get you right?